Fix double free bug inside IN Filter #10535

Merged
merged 2 commits into from
Nov 30, 2022

Conversation

@cherylEnkidu cherylEnkidu (Contributor) commented Nov 29, 2022

#10507 The bug is due to the ownership of the nanopb value being shared by different variables. The pointer is freed twice, which leads to a crash.
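As an added illustration of the ownership pattern the description refers to (this is not code from firebase-ios-sdk or from this PR): a nanopb-generated message is a plain C struct whose pointer fields must be released exactly once, so two C++ objects that each hold a copy of the struct and each release it in their destructor free the same payload twice. `FakeValue`, `MakeValue`, `ReleaseValue` and the two wrapper classes are constructed stand-ins; a per-allocation release counter stands in for the real second `free` so the double release can be observed in a test instead of corrupting the heap.

```cpp
// Added illustration, not code from firebase-ios-sdk. Names below are
// constructed for this example.
#include <cstdio>
#include <cstdlib>
#include <map>
#include <utility>

// Stand-in for a nanopb message with one heap-allocated field.
struct FakeValue {
  int id;       // identifies the allocation for the release counter
  char* bytes;  // heap-owned payload
};

// Release counter per allocation (constructed): lets a test observe a second
// release instead of letting a real double free corrupt the heap.
static std::map<int, int> g_release_count;
static int g_next_id = 0;

FakeValue MakeValue() {
  FakeValue v;
  v.id = g_next_id++;
  v.bytes = static_cast<char*>(std::malloc(16));
  return v;
}

// Mimics pb_release: frees the payload the first time it is called for an
// allocation and records every call. A count above 1 is a double free.
void ReleaseValue(FakeValue* v) {
  int n = ++g_release_count[v->id];
  if (n == 1) {
    std::free(v->bytes);
  }
  v->bytes = nullptr;  // clears only this copy; other copies keep dangling
}

// Buggy pattern: the implicit copy constructor copies the raw pointer, so two
// wrappers believe they own the same payload and both release it.
class SharedOwnerFilter {
 public:
  explicit SharedOwnerFilter(FakeValue v) : value_(v) {}
  ~SharedOwnerFilter() { ReleaseValue(&value_); }
  int id() const { return value_.id; }

 private:
  FakeValue value_;
};

// Fixed pattern: unique ownership. Copies are forbidden; a move hands the
// payload over and marks the source as no longer owning it.
class UniqueOwnerFilter {
 public:
  explicit UniqueOwnerFilter(FakeValue v) : value_(v), owns_(true) {}
  UniqueOwnerFilter(const UniqueOwnerFilter&) = delete;
  UniqueOwnerFilter& operator=(const UniqueOwnerFilter&) = delete;
  UniqueOwnerFilter(UniqueOwnerFilter&& o) noexcept
      : value_(o.value_), owns_(o.owns_) {
    o.owns_ = false;
  }
  UniqueOwnerFilter& operator=(UniqueOwnerFilter&& o) noexcept {
    if (this != &o) {
      if (owns_) ReleaseValue(&value_);
      value_ = o.value_;
      owns_ = o.owns_;
      o.owns_ = false;
    }
    return *this;
  }
  ~UniqueOwnerFilter() {
    if (owns_) ReleaseValue(&value_);
  }
  int id() const { return value_.id; }

 private:
  FakeValue value_;
  bool owns_;
};

// How many times the payload is released when the wrapper is copied.
int ReleasesAfterCopy() {
  int id;
  {
    SharedOwnerFilter a(MakeValue());
    id = a.id();
    SharedOwnerFilter b = a;  // a and b now share one payload
  }                           // both destructors run: released twice
  return g_release_count[id];
}

// How many times the payload is released when ownership is moved instead.
int ReleasesAfterMove() {
  int id;
  {
    UniqueOwnerFilter a(MakeValue());
    id = a.id();
    UniqueOwnerFilter b = std::move(a);  // ownership transferred, not shared
  }                                      // only b's destructor releases
  return g_release_count[id];
}

int main() {
  std::printf("copy: released %d times\n", ReleasesAfterCopy());  // 2
  std::printf("move: released %d times\n", ReleasesAfterMove());  // 1
  return 0;
}
```

The fix is a design choice rather than a patch to `ReleaseValue`: once a type owns a raw resource, its copy operations must either be deleted (as here) or perform a deep copy, so that every allocation has exactly one releasing owner. Running a build under AddressSanitizer would flag the copying variant as a double free directly.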

@google-oss-bot

Coverage Report 1

Affected Products

  • FirebaseFirestore-iOS-FirebaseFirestore.framework

    Overall coverage changed from ? (cf3cc49) to 88.23% (671429a) by ?.

    219 individual files with coverage change

    | Filename | Base (cf3cc49) | Merge (671429a) | Diff |
    |---|---|---|---|
    | aggregate_query.cc | ? | 100.00% | ? |
    | aggregation_result.nanopb.cc | ? | 0.00% | ? |
    | any.nanopb.cc | ? | 0.00% | ? |
    | array_contains_any_filter.cc | ? | 100.00% | ? |
    | array_contains_filter.cc | ? | 100.00% | ? |
    | async_queue.cc | ? | 100.00% | ? |
    | auth_token.cc | ? | 100.00% | ? |
    | autoid.cc | ? | 100.00% | ? |
    | background_queue.cc | ? | 100.00% | ? |
    | bits.cc | ? | 100.00% | ? |
    | bound.cc | ? | 84.29% | ? |
    | bundle.nanopb.cc | ? | 0.00% | ? |
    | bundle_loader.cc | ? | 95.65% | ? |
    | bundle_reader.cc | ? | 91.26% | ? |
    | bundle_serializer.cc | ? | 91.40% | ? |
    | byte_stream_apple.mm | ? | 86.36% | ? |
    | byte_stream_cpp.cc | ? | 83.33% | ? |
    | byte_string.cc | ? | 80.30% | ? |
    | collection_reference.cc | ? | 100.00% | ? |
    | common.nanopb.cc | ? | 34.48% | ? |
    | comparison.cc | ? | 100.00% | ? |
    | composite_filter.cc | ? | 97.96% | ? |
    | connectivity_monitor.cc | ? | 100.00% | ? |
    | connectivity_monitor_apple.mm | ? | 51.92% | ? |
    | converters.mm | ? | 100.00% | ? |
    | database_id.cc | ? | 65.38% | ? |
    | database_info.cc | ? | 100.00% | ? |
    | datastore.cc | ? | 96.10% | ? |
    | delete_mutation.cc | ? | 84.00% | ? |
    | direction.cc | ? | 76.92% | ? |
    | document.cc | ? | 0.00% | ? |
    | document.nanopb.cc | ? | 96.67% | ? |
    | document_change.cc | ? | 62.50% | ? |
    | document_key.cc | ? | 93.06% | ? |
    | document_key_reference.cc | ? | 65.00% | ? |
    | document_overlay_cache.cc | ? | 100.00% | ? |
    | document_reference.cc | ? | 100.00% | ? |
    | document_set.cc | ? | 87.30% | ? |
    | document_snapshot.cc | ? | 100.00% | ? |
    | empty.nanopb.cc | ? | 0.00% | ? |
    | error_apple.mm | ? | 92.31% | ? |
    | event_manager.cc | ? | 98.08% | ? |
    | exception.cc | ? | 23.68% | ? |
    | exception_apple.mm | ? | 96.55% | ? |
    | executor_libdispatch.mm | ? | 96.06% | ? |
    | executor_std.cc | ? | 97.71% | ? |
    | exponential_backoff.cc | ? | 100.00% | ? |
    | field_filter.cc | ? | 95.12% | ? |
    | field_index.cc | ? | 92.68% | ? |
    | field_mask.cc | ? | 100.00% | ? |
    | field_path.cc | ? | 98.17% | ? |
    | field_transform.cc | ? | 41.67% | ? |
    | filesystem_apple.mm | ? | 83.33% | ? |
    | filesystem_common.cc | ? | 81.67% | ? |
    | filesystem_posix.cc | ? | 81.82% | ? |
    | filter.cc | ? | 62.50% | ? |
    | FIRAggregateQuery.mm | ? | 91.89% | ? |
    | FIRAggregateQuerySnapshot.mm | ? | 100.00% | ? |
    | FIRCollectionReference.mm | ? | 95.08% | ? |
    | FIRDocumentChange.mm | ? | 76.32% | ? |
    | FIRDocumentReference.mm | ? | 97.10% | ? |
    | FIRDocumentSnapshot.mm | ? | 97.89% | ? |
    | firebase_app_check_credentials_provider_apple.mm | ? | 92.93% | ? |
    | firebase_auth_credentials_provider_apple.mm | ? | 76.64% | ? |
    | firebase_metadata_provider_apple.mm | ? | 86.96% | ? |
    | firebase_metadata_provider_noop.cc | ? | 100.00% | ? |
    | firestore.cc | ? | 92.13% | ? |
    | firestore.nanopb.cc | ? | 35.71% | ? |
    | firestore_client.cc | ? | 98.88% | ? |
    | firestore_index_value_writer.cc | ? | 90.00% | ? |
    | FIRFieldPath.mm | ? | 90.24% | ? |
    | FIRFieldValue.mm | ? | 89.41% | ? |
    | FIRFilter.mm | ? | 100.00% | ? |
    | FIRFirestore.mm | ? | 89.56% | ? |
    | FIRFirestoreSettings.mm | ? | 85.53% | ? |
    | FIRFirestoreSource.mm | ? | 90.91% | ? |
    | FIRGeoPoint.mm | ? | 82.22% | ? |
    | FIRListenerRegistration.mm | ? | 100.00% | ? |
    | FIRLoadBundleTask.mm | ? | 80.70% | ? |
    | FIRQuery.mm | ? | 87.77% | ? |
    | FIRQuerySnapshot.mm | ? | 95.45% | ? |
    | FIRSnapshotMetadata.mm | ? | 100.00% | ? |
    | FIRTimestamp.m | ? | 79.35% | ? |
    | FIRTransaction.mm | ? | 97.64% | ? |
    | FIRTransactionOptions.mm | ? | 100.00% | ? |
    | FIRWriteBatch.mm | ? | 100.00% | ? |
    | FSTFirestoreComponent.mm | ? | 97.83% | ? |
    | FSTUserDataReader.mm | ? | 95.38% | ? |
    | FSTUserDataWriter.mm | ? | 87.06% | ? |
    | geo_point.cc | ? | 65.00% | ? |
    | grpc_completion.cc | ? | 100.00% | ? |
    | grpc_connection.cc | ? | 77.50% | ? |
    | grpc_nanopb.cc | ? | 94.87% | ? |
    | grpc_root_certificate_finder_generated.cc | ? | 100.00% | ? |
    | grpc_stream.cc | ? | 99.01% | ? |
    | grpc_streaming_reader.cc | ? | 100.00% | ? |
    | grpc_unary_call.cc | ? | 100.00% | ? |
    | grpc_util.cc | ? | 100.00% | ? |
    | hard_assert.cc | ? | 100.00% | ? |
    | http.nanopb.cc | ? | 0.00% | ? |
    | index.nanopb.cc | ? | 0.00% | ? |
    | index_backfiller.cc | ? | 100.00% | ? |
    | index_entry.cc | ? | 60.00% | ? |
    | in_filter.cc | ? | 100.00% | ? |
    | json_reader.cc | ? | 87.50% | ? |
    | key_field_filter.cc | ? | 100.00% | ? |
    | key_field_in_filter.cc | ? | 100.00% | ? |
    | key_field_not_in_filter.cc | ? | 100.00% | ? |
    | latlng.nanopb.cc | ? | 86.67% | ? |
    | leveldb_bundle_cache.cc | ? | 76.00% | ? |
    | leveldb_document_overlay_cache.cc | ? | 97.17% | ? |
    | leveldb_index_manager.cc | ? | 97.67% | ? |
    | leveldb_key.cc | ? | 98.82% | ? |
    | leveldb_lru_reference_delegate.cc | ? | 94.31% | ? |
    | leveldb_migrations.cc | ? | 92.64% | ? |
    | leveldb_mutation_queue.cc | ? | 92.42% | ? |
    | leveldb_opener.cc | ? | 76.81% | ? |
    | leveldb_overlay_migration_manager.cc | ? | 100.00% | ? |
    | leveldb_persistence.cc | ? | 90.82% | ? |
    | leveldb_remote_document_cache.cc | ? | 94.38% | ? |
    | leveldb_target_cache.cc | ? | 94.68% | ? |
    | leveldb_transaction.cc | ? | 98.79% | ? |
    | leveldb_util.cc | ? | 71.43% | ? |
    | load_bundle_task.cc | ? | 97.06% | ? |
    | local_documents_view.cc | ? | 96.82% | ? |
    | local_serializer.cc | ? | 87.74% | ? |
    | local_store.cc | ? | 100.00% | ? |
    | local_view_changes.cc | ? | 100.00% | ? |
    | logic_utils.cc | ? | 97.94% | ? |
    | log_apple.mm | ? | 93.33% | ? |
    | lru_garbage_collector.cc | ? | 91.34% | ? |
    | maybe_document.nanopb.cc | ? | 28.89% | ? |
    | memory_bundle_cache.cc | ? | 100.00% | ? |
    | memory_document_overlay_cache.cc | ? | 100.00% | ? |
    | memory_eager_reference_delegate.cc | ? | 100.00% | ? |
    | memory_index_manager.cc | ? | 50.00% | ? |
    | memory_lru_reference_delegate.cc | ? | 95.41% | ? |
    | memory_mutation_queue.cc | ? | 98.78% | ? |
    | memory_persistence.cc | ? | 100.00% | ? |
    | memory_remote_document_cache.cc | ? | 93.06% | ? |
    | memory_target_cache.cc | ? | 100.00% | ? |
    | message.cc | ? | 100.00% | ? |
    | mutable_document.cc | ? | 68.52% | ? |
    | mutation.cc | ? | 86.15% | ? |
    | mutation.nanopb.cc | ? | 75.76% | ? |
    | mutation_batch.cc | ? | 88.30% | ? |
    | mutation_batch_result.cc | ? | 52.17% | ? |
    | nanopb_util.cc | ? | 100.00% | ? |
    | not_in_filter.cc | ? | 100.00% | ? |
    | object_value.cc | ? | 100.00% | ? |
    | online_state_tracker.cc | ? | 100.00% | ? |
    | ordered_code.cc | ? | 94.39% | ? |
    | order_by.cc | ? | 50.00% | ? |
    | overlay.cc | ? | 100.00% | ? |
    | patch_mutation.cc | ? | 100.00% | ? |
    | path.cc | ? | 100.00% | ? |
    | precondition.cc | ? | 86.49% | ? |
    | pretty_printing.cc | ? | 83.33% | ? |
    | proto_sizer.cc | ? | 72.73% | ? |
    | query.cc | ? | 98.45% | ? |
    | query.nanopb.cc | ? | 72.89% | ? |
    | query_core.cc | ? | 96.29% | ? |
    | query_engine.cc | ? | 98.28% | ? |
    | query_listener.cc | ? | 100.00% | ? |
    | query_listener_registration.cc | ? | 100.00% | ? |
    | query_snapshot.cc | ? | 84.21% | ? |
    | reader.cc | ? | 100.00% | ? |
    | reference_set.cc | ? | 88.89% | ? |
    | remote_event.cc | ? | 97.10% | ? |
    | remote_objc_bridge.cc | ? | 91.18% | ? |
    | remote_store.cc | ? | 90.86% | ? |
    | resource.nanopb.cc | ? | 0.00% | ? |
    | resource_path.cc | ? | 100.00% | ? |
    | schedule.cc | ? | 100.00% | ? |
    | secure_random_arc4random.cc | ? | 100.00% | ? |
    | serializer.cc | ? | 91.05% | ? |
    | server_timestamp_util.cc | ? | 97.06% | ? |
    | settings.cc | ? | 0.00% | ? |
    | set_mutation.cc | ? | 89.13% | ? |
    | snapshots_in_sync_listener_registration.cc | ? | 100.00% | ? |
    | snapshot_metadata.cc | ? | 100.00% | ? |
    | snapshot_version.cc | ? | 85.71% | ? |
    | status.cc | ? | 73.05% | ? |
    | status.nanopb.cc | ? | 72.22% | ? |
    | statusor.cc | ? | 80.00% | ? |
    | status_apple.mm | ? | 96.61% | ? |
    | status_errno.cc | ? | 37.82% | ? |
    | stream.cc | ? | 98.83% | ? |
    | strerror.cc | ? | 100.00% | ? |
    | string_apple.cc | ? | 100.00% | ? |
    | string_format.cc | ? | 93.94% | ? |
    | string_util.cc | ? | 100.00% | ? |
    | struct.nanopb.cc | ? | 7.32% | ? |
    | sync_engine.cc | ? | 95.25% | ? |
    | target.cc | ? | 96.23% | ? |
    | target.nanopb.cc | ? | 45.00% | ? |
    | target_data.cc | ? | 40.63% | ? |
    | target_id_generator.cc | ? | 100.00% | ? |
    | target_index_matcher.cc | ? | 97.65% | ? |
    | task.cc | ? | 93.91% | ? |
    | timestamp.cc | ? | 94.00% | ? |
    | timestamp.nanopb.cc | ? | 100.00% | ? |
    | timestamp_internal.cc | ? | 53.33% | ? |
    | transaction.cc | ? | 90.06% | ? |
    | transaction_runner.cc | ? | 100.00% | ? |
    | transform_operation.cc | ? | 77.03% | ? |
    | user.cc | ? | 100.00% | ? |
    | user_data.cc | ? | 96.30% | ? |
    | value_util.cc | ? | 95.71% | ? |
    | verify_mutation.cc | ? | 12.50% | ? |
    | view.cc | ? | 98.39% | ? |
    | view_snapshot.cc | ? | 78.99% | ? |
    | watch_change.cc | ? | 90.00% | ? |
    | watch_stream.cc | ? | 90.70% | ? |
    | wrappers.nanopb.cc | ? | 9.40% | ? |
    | write.nanopb.cc | ? | 60.23% | ? |
    | writer.cc | ? | 96.97% | ? |
    | write_batch.cc | ? | 91.89% | ? |
    | write_stream.cc | ? | 91.55% | ? |

  • FirebaseFirestore-iOS-FirebaseFirestoreSwift.framework

    Overall coverage changed from ? (cf3cc49) to 46.92% (671429a) by ?.

    22 individual files with coverage change

    | Filename | Base (cf3cc49) | Merge (671429a) | Diff |
    |---|---|---|---|
    | CodablePassThroughTypes.swift | ? | 100.00% | ? |
    | CollectionReference+AsyncAwait.swift | ? | 96.88% | ? |
    | CollectionReference+WriteEncodable.swift | ? | 100.00% | ? |
    | DocumentID.swift | ? | 86.44% | ? |
    | DocumentReference+Codable.swift | ? | 50.00% | ? |
    | DocumentReference+ReadDecodable.swift | ? | 0.00% | ? |
    | DocumentReference+WriteEncodable.swift | ? | 100.00% | ? |
    | DocumentSnapshot+ReadDecodable.swift | ? | 80.00% | ? |
    | EncoderDecoder.swift | ? | 100.00% | ? |
    | ExplicitNull.swift | ? | 90.48% | ? |
    | FieldValue+Encodable.swift | ? | 100.00% | ? |
    | Firestore+AsyncAwait.swift | ? | 97.75% | ? |
    | FirestoreQuery.swift | ? | 0.00% | ? |
    | FirestoreQueryObservable.swift | ? | 0.00% | ? |
    | GeoPoint+Codable.swift | ? | 100.00% | ? |
    | QueryPredicate.swift | ? | 0.00% | ? |
    | ServerTimestamp.swift | ? | 96.97% | ? |
    | Timestamp+Codable.swift | ? | 100.00% | ? |
    | TimestampDecodingStrategy.swift | ? | 100.00% | ? |
    | TimestampEncodingStrategy.swift | ? | 100.00% | ? |
    | Transaction+WriteEncodable.swift | ? | 100.00% | ? |
    | WriteBatch+WriteEncodable.swift | ? | 100.00% | ? |

Test Logs

  1. https://storage.googleapis.com/firebase-sdk-metric-reports/hQVcVpd213.html

@ehsannas ehsannas merged commit 10295ba into master Nov 30, 2022
@ehsannas ehsannas deleted the cheryllin/FixINFilter branch November 30, 2022 20:53
@paulb777 paulb777 added this to the 10.3.0 - M125 milestone Nov 30, 2022
dconeybe added a commit to firebase/firebase-cpp-sdk that referenced this pull request Dec 12, 2022
jonsimantov pushed a commit to firebase/firebase-cpp-sdk that referenced this pull request Dec 13, 2022
* Update mobile dependencies - Mon Dec 12 2022

### Android

- com.google.firebase.firebase_bom → 31.1.1

### iOS

- Firebase/Analytics → 10.3.0
- Firebase/AppCheck → 10.3.0
- Firebase/Auth → 10.3.0
- Firebase/Core → 10.3.0
- Firebase/Crashlytics → 10.3.0
- Firebase/Database → 10.3.0
- Firebase/DynamicLinks → 10.3.0
- Firebase/Firestore → 10.3.0
- Firebase/Functions → 10.3.0
- Firebase/Installations → 10.3.0
- Firebase/Messaging → 10.3.0
- Firebase/RemoteConfig → 10.3.0
- Firebase/Storage → 10.3.0

> Created by [Update Android and iOS dependencies workflow](https://github.com/firebase/firebase-cpp-sdk/actions/runs/3678546871).

* Re-enable Firestore QueryTest.TestQueriesCanUseInFilters since 10.3.0 includes the fix (firebase/firebase-ios-sdk#10535)

Co-authored-by: firebase-workflow-trigger-bot <[email protected]>
Co-authored-by: Denver Coneybeare <[email protected]>
@firebase firebase locked and limited conversation to collaborators Dec 31, 2022